CWE-200

Exploit likelihood: High

Exposure of Sensitive Information to an Unauthorized Actor

Parent: CWE-668 - Exposure of Resource to Wrong Sphere

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

10,151 vulnerabilities with CWE-200
CVE-2023-51527 MEDIUM
Senol Sahin AI Power - Info Disclosure
CVSS 5.3
CVE-2023-27447 MEDIUM
VeronaLabs WP SMS < 6.0.4 - Exposure of Sensitive Information
CVSS 5.3
CVE-2023-50968 HIGH
Apache OFBiz < 18.12.11 - Unauthenticated Arbitrary File Read and Server-Side Request Forgery
CVSS 7.5
CVE-2023-7094 MEDIUM
Netentsec NS-ASG Application Security Gateway 6.3 - Information Disclosure via /protocol/nsasg6.0.tgz
CVSS 5.3
CVE-2023-40058 MEDIUM
SolarWinds Access Rights Manager < 2023.2.1 - Unauthorized Sensitive Data Exposure via Public Knowledgebase
CVSS 6.5
CVE-2023-49162 MEDIUM
BigCommerce For WordPress < 5.0.6 - Info Disclosure
CVSS 5.3
CVE-2023-48288 HIGH
HM Plugin JobWP <= 2.1 - Exposure of Sensitive Information in Resume Files
CVSS 7.5
CVE-2023-2487 MEDIUM
Export All Posts, Products, Orders, Refunds & Users <= 2.4.1 - Exposure of Sensitive Information
CVSS 5.9
CVE-2023-28421 MEDIUM
Winwar Media WordPress Email Marketing Plugin - WP Email Capture <= 3.10 - Exposure of Sensitive Information
CVSS 5.3
CVE-2023-49762 MEDIUM
AppMySite < 3.11.0 - Exposure of Sensitive Information
CVSS 5.3
CVE-2023-50705 MEDIUM
Efacec UC 500e Firmware - Information Disclosure
CVSS 5.3
CVE-2023-47146 MEDIUM
IBM QRadar SIEM 7.5 - Authenticated Exposure of Sensitive Domain Information
CVSS 4.9
CVE-2023-42940 MEDIUM
macOS 14.0-14.2.1 - Unprotected User Data Exposure via Screen Sharing Session Handling
CVSS 5.7
CVE-2023-44991 MEDIUM
Media File Renamer: Rename Files (Manual, Auto & AI) <= 5.6.9 - Exposure of Sensitive Information via Debug Log
CVSS 6.5
CVE-2023-44983 MEDIUM
Aruba HiSpeed Cache <= 2.0.6 - Sensitive Data Exposure via Log File
CVSS 5.3
CVE-2023-44982 MEDIUM
Perfect Images < 6.4.5 - Exposure of Sensitive Information via Log File
CVSS 5.3
CVE-2023-40691 MEDIUM
IBM Cloud Pak for Business Automation < 22.0.2 - Info Disclosure
CVSS 4.9
CVE-2023-50271 HIGH
HP-UX System Management Homepage < a.3.2.23.09 - Information Disclosure
CVSS 7.2
CVE-2023-6894 MEDIUM
Hikvision Intercom Broadcasting System 3.0.3-4.1.0 - Information Disclosure in Log File Handler
CVSS 4.3
CVE-2023-27317 MEDIUM
ONTAP 9 < 9.13.1P5 - Info Disclosure
CVSS 4.3
CVE-2023-50720 MEDIUM
XWiki Platform < 14.10.15 - Unauthenticated Exposure of Sensitive Information via Solr Search
CVSS 5.3
CVE-2023-50719 HIGH
XWiki Platform 7.2-milestone-2-14.10.14 - Unauthenticated Exposure of Sensitive Information via Solr Search
CVSS 7.5
CVE-2023-50715 MEDIUM
Home Assistant < 2023.12.3 - Unauthenticated User Account Enumeration via LAN Login Page
CVSS 4.3
CVE-2023-0248 HIGH
Kantech Gen1 ioSmart < 1.07.02 - Info Disclosure
CVSS 7.5
CVE-2023-48671 HIGH
Dell vApp Manager < 9.2.4 - Info Disclosure
CVSS 7.5